Examples of Manipulation with Keycloak Resources

Examples of Obtaining a Resource

Obtaining Client

curl --location --request GET "$DEPLOYMENT_URL/auth/admin/realms/cps-default/clients/client_customer-profile-service" --header "Authorization: Bearer $TOKEN"

Examples of Updating a Resource

Updating Realm

DATA=`cat keycloak-realm.json \
| sed s/CUSTOMER_PROFILE_SERVICE_CLIENT_SECRET/$CUSTOMER_PROFILE_SERVICE_CLIENT_SECRET/g \
| sed s/__KEYCLOAK_SMTP_HOST__/$KEYCLOAK_SMTP_HOST/g \
| sed s/__KEYCLOAK_SMTP_PORT__/$KEYCLOAK_SMTP_PORT/g \
| sed s/__KEYCLOAK_SMTP_FROM__/$KEYCLOAK_SMTP_FROM/g \
| sed s/__KEYCLOAK_SMTP_FROM_DISPLAY_NAME__/"$KEYCLOAK_SMTP_FROM_DISPLAY_NAME"/g \
| sed s/__KEYCLOAK_SMTP_AUTH__/$KEYCLOAK_SMTP_AUTH/g \
| sed s/__KEYCLOAK_SMTP_SSL__/$KEYCLOAK_SMTP_SSL/g \
| sed s/__KEYCLOAK_SMTP_STARTTLS__/$KEYCLOAK_SMTP_STARTTLS/g \
| sed s/__KEYCLOAK_SMTP_USER__/$KEYCLOAK_SMTP_USER/g \
| sed s/__KEYCLOAK_SMTP_PASSWORD__/"$KEYCLOAK_SMTP_PASSWORD"/g`

#following call will return 409 if realm already exists
curl --location --request PUT "$DEPLOYMENT_URL/auth/admin/realms/cps-default" \
--header "Authorization: Bearer $TOKEN" \
--header 'Content-Type: application/json' \
--data-raw "$DATA"

Updating Client

<obtain auth token>
curl --location --request PUT "$DEPLOYMENT_URL/auth/admin/realms/cps-default/clients/client_customer-profile-service" --header "Authorization: Bearer $TOKEN" --header 'Content-Type: application/json' --data-raw '
{
"id":"client_customer-profile-service",
"clientId": "customer-profile-service",
"enabled": true,
"clientAuthenticatorType": "client-secret",
"secret": "35d86729-ff09-4aca-b603-9e75fa85c989",
"redirectUris": [
"*"
],
"webOrigins": [
""
],
"directAccessGrantsEnabled": true,
"serviceAccountsEnabled": true,
"authorizationServicesEnabled": true,
"publicClient": false,
"protocol": "openid-connect",
"fullScopeAllowed": true,
"defaultClientScopes": [
"web-origins",
"roles",
"profile",
"email"
],
"optionalClientScopes": [
"address",
"phone",
"offline_access",
"microprofile-jwt"
]
}
'

Updating Secret of a Client

<obtain auth token>
DATA="
{
\"id\":\"client_customer-profile-service\",
\"clientId\": \"customer-profile-service\",
\"enabled\": true,
\"clientAuthenticatorType\": \"client-secret\",
\"secret\": \"$CUSTOMER_PROFILE_SERVICE_CLIENT_SECRET\",
\"redirectUris\": [
\"*\"
],
\"webOrigins\": [
\"\"
],
\"directAccessGrantsEnabled\": true,
\"serviceAccountsEnabled\": true,
\"authorizationServicesEnabled\": true,
\"publicClient\": false,
\"protocol\": \"openid-connect\",
\"fullScopeAllowed\": true,
\"defaultClientScopes\": [
\"web-origins\",
\"roles\",
\"profile\",
\"email\"
],
\"optionalClientScopes\": [
\"address\",
\"phone\",
\"offline_access\",
\"microprofile-jwt\"
]
}
"

#Update of secret
curl --location --request PUT "$DEPLOYMENT_URL/auth/admin/realms/cps-default/clients/client_customer-profile-service" --header "Authorization: Bearer $TOKEN" --header 'Content-Type: application/json' --data-raw "$DATA"

Examples of Deleting a Resource

Deleting Client

curl --location --request DELETE "$DEPLOYMENT_URL/auth/admin/realms/cps-default/clients/client_customer-profile-service" --header "Authorization: Bearer $TOKEN"

Examples of Creating a Resource

Creating Client

<obtain auth token>
curl --location --request POST "$DEPLOYMENT_URL/auth/admin/realms/cps-default/clients" --header "Authorization: Bearer $TOKEN" --header 'Content-Type: application/json' --data-raw '
{
"id":"client_customer-profile-service",
"clientId": "customer-profile-service",
"enabled": true,
"clientAuthenticatorType": "client-secret",
"secret": "35d86729-ff09-4aca-b603-9e75fa85c989",
"redirectUris": [
"*"
],
"webOrigins": [
""
],
"directAccessGrantsEnabled": true,
"serviceAccountsEnabled": true,
"authorizationServicesEnabled": true,
"publicClient": false,
"protocol": "openid-connect",
"fullScopeAllowed": true,
"defaultClientScopes": [
"web-origins",
"roles",
"profile",
"email"
],
"optionalClientScopes": [
"address",
"phone",
"offline_access",
"microprofile-jwt"
]
}
'